Safe and Flexible Dynamic Linking of Native Code

  • Michael Hicks
  • Stephanie Weirich
  • Karl Crary
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2071)

Abstract

We present the design and implementation of the first complete framework for flexible and safe dynamic linking of native code. Our approach extends Typed Assembly Language with a primitive for loading and typechecking code, which is flexible enough to support a variety of linking strategies, but simple enough that it does not significantly expand the trusted computing base. Using this primitive, along with the ability to compute with types, we show that we can program many existing dynamic linking approaches. As a concrete demonstration, we have used our framework to implement dynamic linking for a type-safe dialect of C, closely modeled after the standard linking facility for Unix C programs. Aside from the unavoidable cost of verification, our implementation performs comparably with the standard, untyped approach.



Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Michael Hicks, University of Pennsylvania, Philadelphia, USA
  • Stephanie Weirich, Cornell University, Ithaca, USA
  • Karl Crary, Carnegie Mellon University, Pittsburgh, USA
